Stack Overflow
Stack Overflow

Questions tagged [certenroll]

Certificate enrollment policy provides the locations of certification authorities (CAs) and the types of certificates that can be requested.

Organizations that are using Active Directory Domain Services (AD DS) can use Group Policy to provide certificate enrollment policy to domain members by using the Group Policy Management Console to configure the certificate enrollment policy settings. The Certificates snap-in can be used to configure certificate enrollment policy settings for individual client computers unless the Group Policy setting is configured to disable user-configured enrollment policy. Use the following procedures to configure certificate enrollment policy settings: Manage Certificate Enrollment Policy by Using Group Policy

Manage Certificate Enrollment Policy by Using the Certificates Snap-in

Reference.

58 questions
16
votes
3 answers

Issues compiling in Windows 10

I have identified an issue related to building apps that use C:\Windows\System32\CertEnroll.dll as a reference. The following code works fine when compiled using VS 2015 on Windows 7 and then ran on a Windows 7 machine. using System; using…
spowser
  • 451
  • 4
  • 8
7
votes
1 answer

Create a Computer Request Including IP address Subject Alternative Name

I'm trying to create a request with IP address SAN. This is the function that is responsible for creating the CAlternativeName: public static CAlternativeNameClass GetCurrentIpName() { //get current machine IP address IPAddress ip =…
shachar
  • 621
  • 5
  • 12
5
votes
1 answer

CertEnroll::CX509Enrollment::InstallResponse: Cannot find object or property. 0x80092004 (-2146885628)

I have this problem, I wrote C# code for: Generating CSR programmatically Submit the CSR to Microsoft Certificate Services Receive the certificate and save as pfx. The code works great, but instead of creating CSR programmatically, when I use the…
Suresh
  • 337
  • 2
  • 6
  • 17
5
votes
1 answer

Exception on attempt to create not self-signed certificate

I want to switch from self-signed certificate per device to pair of certificates, one of which is previously generated, placed in Trusted Root Certificate Authorities store, is same for all devices, and works as root CA for second certificate, which…
lentinant
  • 649
  • 7
  • 32
5
votes
0 answers

How do I make a PKCS10 request, and enroll it using a template?

I have been looking everywhere (MSDN, Stackoverflow, blogs, etc) to come up with the following pattern: A client requests a certificate, compatible with the SMIME standard, to a server. (the AD Certificate Services Template portion will be…
halfbit
  • 54,462
  • 46
  • 195
  • 426
4
votes
2 answers

The template parameter in InitializeFromPrivateKey() on CX509CertificateRequestPkcs10 object causes exception when trying a specific Template

I am having an issue with specifying the template parameter in InitializeFromPrivateKey() on the X509Enrollment.CX509CertificateRequestPkcs10 object. Anything other than a template of "User" is resulting in the following…
Paulwin
  • 93
  • 10
4
votes
0 answers

Microsoft CryptoApi - Create a new certificate signed by a root authority certificate

I am trying to sign a public/private key pair by a temporary Root CA, steps followed are next: Create a self-signed root authority certificate (CertCreateSelfSignCertificate) (Done) Generate public/private key pair (CryptGenKey) (Done) Sign…
Alberto Bricio
  • 53
  • 1
  • 14
4
votes
1 answer

How can I generate an Extended Validation self-signed certificate with CertEnroll?

Due to a bug in Windows Azure, all self-signed client certificates used with the Azure REST API from a Windows 8 application must be specified as extended validation certificates. To provide a better user experience, I am trying to generate this…
Paul Turner
  • 35,361
  • 15
  • 90
  • 155
3
votes
2 answers

Enroll an X509Certificate2 without any trace of it being left on the machine

Currently creating Certificate Authorities and Issued Certificates. The Generation of the request, enrollment and validation are all functional, but when I checked my certificate store, I realized, it was placing them in my personal certificate …
Eddie D
  • 1,040
  • 5
  • 13
3
votes
1 answer

IX509Extension XCN encoding?

I understand from reading MSDN that the X509 v3 extensions must be handcrafted. This involves the CRL, AIA, name and policy constraints, policy mapping, private key usage period, and subject directory attributes. I tried to make a CRL distribution…
Max
  • 77
  • 5
3
votes
1 answer

How can I export a Binary PFX from CertEnroll?

I'm having trouble with objEnroll.CreatePFX where the only return type is string, and what I need is a binary output comparable to what happens when I open the Certificates MMC and export a PFX. This is important because I need the original PFX…
halfbit
  • 54,462
  • 46
  • 195
  • 426
3
votes
1 answer

C# Generate a non self signed client CX509Certificate Request without a CA using the certenroll.dll

I have a self signed root certificate that I generated in C# using CERTENROLL.dll's CX509CertificateRequest Certificate functionality. I would like to write a function that generates client certificates signed by my root using the same API.…
Ari
  • 438
  • 2
  • 16
3
votes
3 answers

How to create signed PKCS#7 message with javascript?

I'm trying to create signed PKCS#7 message for PKCS#10 certifacate request on client-side with javascript. There are good examples on PKCS#10:…
Vladislav
  • 1,250
  • 23
  • 28
3
votes
1 answer

Asp.Net CertEnroll CX509CertificateRequestPkcs10 Exception

I have an asp.net 4.0 project that uses a combination of Bouncy Castle and the .Net framework to create an X509 certificate. It runs properly on my W7 dev machine but when installed on W2008 (32 bit, not r2) this bit of…
Serexx
  • 1,010
  • 1
  • 14
  • 29
2
votes
1 answer

File not found error when creating a private key using CERTENROLLLib

System.IO.FileNotFoundException: CertEnroll::CX509PrivateKey::Create: The system cannot find the file specified. 0x80070002 (WIN32: 2) The error above is the exception thrown when I attempt to create a private key to generate a CSR using the…
sean
  • 9,628
  • 8
  • 44
  • 56
1
2 3 4